| Page(s) : 1 ... 27 28 29 30 31 32 33 34 35 36 [37] 38 39 40 41 42 43 44 45 46 47 ... | Result(s) : 114976 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.4 | 2025-05-30 | CVE-2025-48485 | cve | FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application is vulnerable to Cross-Site Scripting (XSS) attacks due to incorrect inpu... |
| 5.4 | 2025-05-30 | CVE-2025-48486 | cve | FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the cross-site scripiting (XSS) vulnerability is caused by the lack of input validation a... |
| 4.8 | 2025-05-30 | CVE-2025-48487 | cve | FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, when creating a translation of a phrase that appears in a flash-message after a completed... |
| 5.4 | 2025-05-30 | CVE-2025-48488 | cve | FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, deleting the file .htaccess allows an attacker to upload an HTML file containing maliciou... |
| 4.8 | 2025-05-30 | CVE-2025-48489 | cve | FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application is vulnerable to Cross-Site Scripting (XSS) attacks due to insufficient d... |
| 5.4 | 2025-05-30 | CVE-2025-48875 | cve | FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.181, the system's incorrect validation of last_name and first_name during profile data up... |
| 6.6 | 2025-05-30 | CVE-2025-48880 | cve | FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.181, when an administrative account is a deleting a user, there is the the possibility of a ra... |
| 5.4 | 2025-05-30 | CVE-2025-4943 | cve | The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-lakit-element-link’ parameter in all versions up to, and ... |
| 4.3 | 2025-05-30 | CVE-2025-4431 | cve | The Featured Image Plus – Quick & Bulk Edit with Unsplash plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fip_sa... |
| 5.4 | 2025-05-30 | CVE-2025-5236 | cve | The NinjaTeam Chat for Telegram plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘username’ parameter in all versions up to, and including, 1.1 due to i... |
| 4.3 | 2025-05-30 | CVE-2025-48334 | cve | Missing Authorization vulnerability in BinaryCarpenter Woo Slider Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Woo Slider Pro: ... |
| 6.5 | 2025-05-30 | CVE-2025-48912 | cve | An authenticated malicious actor using specially crafted requests could bypass row level security configuration by injecting SQL into 'sqlExpression' fields. This allo... |
| 4.6 | 2025-05-29 | CVE-2025-32752 | cve | Dell ThinOS 2502 and prior contain a Cleartext Storage of Sensitive Information vulnerability. A high privileged attacker with physical access could potentially exploit this vul... |
| 6.5 | 2025-05-29 | CVE-2025-3050 | cve | IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 could allow an authenticated user to cause a denial of service ... |
| 6.3 | 2025-05-29 | CVE-2025-5326 | cve | A vulnerability was found in zhilink ???(??)?????? ADP Application Developer Platform ??????? 1.0.0 and classified as critical. Affected by this issue is some unknown functional... |
| 5.4 | 2025-05-29 | CVE-2025-4583 | cve | The Smash Balloon Social Photo Feed – Easy Social Feeds Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `data-plugin` attribute in all versions ... |
| 6.4 | 2025-05-29 | CVE-2025-4670 | cve | The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's edd_receipt s... |
| 6.4 | 2025-05-29 | CVE-2025-5122 | cve | The Map Block Leaflet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 3.2.1 due to insufficient i... |
| 6.4 | 2025-05-29 | CVE-2025-5286 | cve | The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘additional_settings’ parameter in all versions up to, and including, 5.3.6 due t... |
| 6.1 | 2025-05-28 | CVE-2025-30087 | cve | Best Practical RT (Request Tracker) 4.4 through 4.4.7 and 5.0 through 5.0.7 allows XSS via injection of crafted parameters in a search URL. |
| Page(s) : 1 ... 27 28 29 30 31 32 33 34 35 36 [37] 38 39 40 41 42 43 44 45 46 47 ... | Result(s) : 114976 |
